Eskom CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

HIGH Eskom CVE published 2023-11-28

CVE-2023-6151

CVE-2023-6151 is a high-severity information disclosure issue in ESKOM's E-Belediye e-municipality module. According to the official NVD record and the referenced USOM advisory, versions before v105 are affected. The published CVSS vector indicates remote, unauthenticated exploitation with high confidentiality impact and no integrity or availability impact. Organizations using affected builds should prior [truncated]

HIGH Eskom CVE published 2023-11-28

CVE-2023-6150

CVE-2023-6150 is a high-severity issue in ESKOM’s E-Belediye / e-municipality module affecting versions before v105. The NVD record and USOM advisory describe an incorrect use of privileged APIs weakness that can expose user-provided data. The published CVSS 3.1 vector indicates the issue is network reachable, requires no privileges or user interaction, and has a high confidentiality impact.